Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
File: 17e30daf-f11a-4af6-8f47-661a735a22e9.roa (raw, json)
Hash identifier: O7B9sjJE2r5bWuGCCVEuqg0f5JzLbZArpQC+OC9LL68=
Subject key identifier: 58:70:D3:5D:E7:FF:10:4D:18:3A:62:D9:16:E4:78:D7:9C:05:44:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AC552DEC51C51E1DC82CA65AF5446AD9068F60D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:c5:52:de:c5:1c:51:e1:dc:82:ca:65:af:54:46:ad:90:68:f6:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=8015af54c308baa5b95cd9316bc49342f08efd4921626edc8089947dd2ff9836, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fd:b1:84:10:b0:c6:58:0c:de:13:17:25:f8:
c8:8b:e3:96:5a:ca:0a:fc:77:0a:cc:2b:5f:52:37:
a5:b2:e6:e7:c0:5c:20:4d:f4:9c:14:a4:51:10:e0:
2a:f5:77:c0:24:6b:e3:75:0c:e4:ed:b8:3d:77:b0:
27:7c:06:b8:11:c4:d4:75:ae:e0:5d:99:f9:35:0d:
50:37:f5:de:ac:93:f9:48:79:f7:dc:a3:2a:e8:a2:
99:41:34:57:ea:ff:66:62:a8:12:09:8f:96:44:d8:
1f:db:d3:ab:e0:cf:d6:13:33:ba:93:8f:ae:39:e7:
1c:4a:70:b5:43:9c:10:5a:70:79:56:02:49:56:5e:
9d:4e:28:76:4c:2a:b3:b9:c6:30:de:07:51:a3:57:
67:8a:2c:ea:6b:d8:5b:cb:42:9e:2c:cc:af:19:b0:
81:ea:e8:81:77:01:15:17:1d:92:3f:9d:33:11:7f:
d6:3b:68:cd:b5:3c:37:bf:d8:44:ae:c8:cc:c9:79:
06:d4:b2:0f:7e:79:39:97:eb:c5:c5:79:4e:20:7f:
a4:f1:51:d0:23:37:56:63:2f:58:01:b9:48:eb:c4:
cd:5f:3b:0d:90:bc:a0:5c:1c:77:2e:32:fd:cd:dd:
ad:70:b6:49:9c:75:11:ae:02:a4:64:10:7b:3f:7d:
94:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:70:D3:5D:E7:FF:10:4D:18:3A:62:D9:16:E4:78:D7:9C:05:44:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:5000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:17:82:c2:de:34:5b:e2:a3:1a:7c:04:63:bb:47:bd:82:f7:
df:92:a7:ee:6c:57:5b:11:24:8f:ee:42:8f:9c:11:a5:e6:21:
9c:6c:84:83:49:aa:d6:06:eb:19:38:28:79:fb:4f:92:ee:92:
33:54:73:db:db:52:66:fa:df:fb:20:95:bc:9c:c1:47:10:d4:
08:16:ce:cc:be:a6:91:51:a4:ee:93:ba:d5:ea:87:d6:8a:2c:
22:f1:24:79:23:12:de:de:ca:d5:81:ba:06:90:b6:cc:61:2d:
b3:6f:10:5f:ba:c3:8f:54:b5:e6:ab:b9:8f:de:bf:c7:b0:f7:
96:86:b7:05:e0:71:86:11:ab:34:98:10:f2:95:19:08:df:31:
9d:6e:d4:f7:f4:b7:56:8d:1e:7b:3b:8d:98:97:02:69:aa:6a:
79:93:f7:6f:ec:47:c5:0c:a5:2e:19:87:c4:7f:35:d1:a7:5d:
1d:52:93:7c:03:23:77:99:2f:a5:d8:dd:bf:07:9c:2c:6c:79:
d9:28:2a:9d:e2:f7:aa:f9:4b:b7:27:e7:d1:89:a7:55:d0:48:
2c:c9:bf:00:45:cb:b7:7d:32:71:77:5a:c2:ac:5c:3e:cc:ea:
d7:df:99:cf:98:7b:b3:3f:a9:49:86:80:30:1b:9f:d5:49:92:
9b:27:2e:47
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWsVS3sUcUeHcgsplr1RGrZBo9g0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwMTVhZjU0YzMwOGJhYTViOTVjZDkzMTZiYzQ5MzQyZjA4ZWZkNDkyMTYy
NmVkYzgwODk5NDdkZDJmZjk4MzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKL9sYQQsMZYDN4TFyX4yIvjllrKCvx3CswrX1I3pbLm58BcIE30nBSkURDg
KvV3wCRr43UM5O24PXewJ3wGuBHE1HWu4F2Z+TUNUDf13qyT+Uh599yjKuiimUE0
V+r/ZmKoEgmPlkTYH9vTq+DP1hMzupOPrjnnHEpwtUOcEFpweVYCSVZenU4odkwq
s7nGMN4HUaNXZ4os6mvYW8tCnizMrxmwgerogXcBFRcdkj+dMxF/1jtozbU8N7/Y
RK7IzMl5BtSyD355OZfrxcV5TiB/pPFR0CM3VmMvWAG5SOvEzV87DZC8oFwcdy4y
/c3drXC2SZx1Ea4CpGQQez99lA8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRYcNNd
5/8QTRg6YtkW5HjXnAVE5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTdlMzBkYWYtZjExYS00YWY2LThmNDctNjYxYTczNWEyMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA9F4LC3jRb4qMafARju0e9gvffkqfubFdbESSP
7kKPnBGl5iGcbISDSarWBusZOCh5+0+S7pIzVHPb21Jm+t/7IJW8nMFHENQIFs7M
vqaRUaTuk7rV6ofWiiwi8SR5IxLe3srVgboGkLbMYS2zbxBfusOPVLXmq7mP3r/H
sPeWhrcF4HGGEas0mBDylRkI3zGdbtT39LdWjR57O42YlwJpqmp5k/dv7EfFDKUu
GYfEfzXRp10dUpN8AyN3mS+l2N2/B5wsbHnZKCqd4veq+Uu3J+fRiadV0Egsyb8A
Rcu3fTJxd1rCrFw+zOrX35nPmHuzP6lJhoAwG5/VSZKbJy5H
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:54:23 2024 by rpki-client on console-ams.rpki-client.org